Are you confident that your organization appropriately considers the risk of a privacy breach before sharing data?

Does your organization account for the impact of your data privacy controls on your data’s fitness for purpose and the quality of analysis it can produce?

Are you confident that your organization can demonstrate that is has implemented sufficient privacy controls to achieve compliance?

Is your organization using sufficient controls to minimize the risk of data breaches when using digital technology such as artificial intelligence and machine learning?

Is your organization aware how GDPR and similar regulatory frameworks have raised the bar in the level of controls which need to be put in place to effectively protect data from accidental and malicious identification?

Does your organization actively use the minimum amount of data to reduce the risk of identification?

Has your organization made staff aware about what data needs to be kept confidential over and above protecting data privacy including: business sensitive data, legal, contractual, and ethical obligations?

Has your organization found the balance to avoid doing too little, too much or even poor de-identification to reduce the risk of identification in data, whilst also understanding the impact they may be having on their data?

On average each data user has around 30 specific responsibilities to protect data from data risks. Are you confident that your staff understand and implement these on a day-to-day basis to reduce the risk to your organization?

Are you confident your staff demonstrate their data responsibilities to stakeholders and build their trust?